#!/bin/bash
set -e  # Exit immediately if a command exits with a non-zero status.

# Variables
NAMESPACE="openshift-machine-api"
SECRET_NAME="worker-user-data-managed"
KEY_USERDATA="userData"
WORKER_IGNITION_FILE="/tmp/worker.ign"
TLS_CERT_FILE="/tmp/worker.ign"
CLUSTER_NAME="mlab-ctiruthtest01d"
IGNITION_CERT_SECRET_NAME="ignition-cert"
IGNITION_ENDPOINT_URL="https://192.168.111.150:22623/config/worker"

# Step 1: Extract worker URL from the OpenShift secret and create worker ignition file
echo "Extracting worker ignition data..."

# Extracting the source URL from the secret (without jq)
worker_url=$(oc extract -n $NAMESPACE secret/$SECRET_NAME --keys=$KEY_USERDATA --to=- | grep -oP '(?<=source":")[^"]+')
echo "Worker URL: $worker_url"

# Extract and decode the base64 encoded data
oc extract -n $NAMESPACE secret/$SECRET_NAME --keys=$KEY_USERDATA --to=- | grep -oP '(?<=base64,)[^"]+' | base64 -d > $WORKER_IGNITION_FILE

# Step 2: On ACM Hub, create the secret and patch the cluster agent
echo "Creating ignition-cert secret and patching cluster agent..."
oc create secret generic $IGNITION_CERT_SECRET_NAME -n $CLUSTER_NAME --from-file=tls.crt=$TLS_CERT_FILE
oc patch agentclusterinstall $CLUSTER_NAME -p "{\"spec\":{\"ignitionEndpoint\":{\"caCertificateReference\":{\"name\":\"$IGNITION_CERT_SECRET_NAME\",\"namespace\":\"multi-node\"},\"url\":\"$IGNITION_ENDPOINT_URL\"}}}" --type=merge

echo "Task completed successfully."
